< Back to provar.com
Documentation

Looking for something in particular?

Masking Credentials in Jenkins

Provar now supports masking credentials in Jenkins without needing to check the Provar .secrets file into GitHub. This is to reduce exposure of the credentials used in Test Case execution. The solution is to use Jenkins’ credentials plugin to set up the passwords and security tokens as environment variables.

Password Masking Demo

Prerequisites in Masking Credentials in Jenkins

  • A Jenkins server
  • Required privileges on Jenkins to install plugins and create a project

Download Required Plugins

You will need to download and install three Jenkins plugins:

When all three plugins are installed, your Jenkins installation has the required directives to allow you to inject secrets into Jenkins.

Create Credentials

Go to Jenkins (menu) and choose Credentials.

Create a new user and password credentials. Once it’s created, copy its credentials ID. This is a hash which is used by Jenkins to identify these specific credentials.

Go to Jenkins and choose credentials to create credentials
Sample of setting up Jenkins credentials window

Create and Configure your New Build Job

Create a new item (new job), name it, and select Freestyle project or any other.

Create a new item, name it, and select Freestyle project or any other

After installing the plugins, you will now have a new option under Build Environment which is called Use secret text(s) or file(s). Tick this option and a new box will appear: Binding and underneath it Add:

After installing the plugins, new option will appear under Build Environment which is called Use secret text or file

Click Add and choose Username and password (separated):

How to edit username and password with new option under Build Environment

A new box will appear. Here you can enter the variable name which will hold the real username as in the credentials. You can also enter the variable name for the password which will hold the real password as in the credentials:

screenshot of a dialogue box where you can edit username variable and password variable

Provide a Build Step of Invoke Ant:

Provide a Build Step of Invoke Ant in masking credentials in Jenkins

Provide the ANT build file path location:

Provide the ANT build file path location in masking credentials in Jenkins

Then save your Project.

This how masking credentials in Jenkins looks like when saving

Test Configuration

Remove .secrets from the Provar Project.

How to Remove .secrets from the Provar Project to mask credentials in Jenkins

Run your job and check console output.

Console Output

Application successfully launched without having .secrets file in a Project:

sample of Application successfully launched without having .secrets file in a Project

And if run same project from Provar you will see error message:

Sample error message when running same test in Provar
Review Provar on G2
Documentation library

Trying to raise a case with Customer Success?

Login into the Success Portal

We use cookies to better understand how our website is used so we can tailor content for you. For more information about the different cookies we use please take a look at our Privacy Policy.

Scroll to Top